PowerShell Replacement for ‘nslookup’

The fourth post in my PowerShell Beginner series, “Daily Tasks, The PowerShell Way“. Use PowerShell’s Resolve-DnsName cmdlet as a more powerful successor to ‘nslookup’.

What’s in a name?

Any seasoned IT Pro knows that the names we see for servers or in web URLs ultimately need to “resolve” or translate to a numerical IP address. Computers perform this resolution using a worldwide network of Domain Name System (DNS) servers. When your browser attempts to go to https://thinkpowershell.com, your computer will send a query to a DNS server with the hostname “thinkpowershell.com”, and the DNS server will return the IP address of the server hosting the website. Your DNS server will likely have to forward a query to other DNS servers to get the correct IP address.

nslookup (name server lookup) is a command line tool that has been around for years for performing this lookup activity on demand. You can specify the hostname or website domain name for which you want to “lookup” the IP address. Additionally, with the second positional parameter you can specify the IP address of a specific DNS server you want to query. It is a helpful tool, but it only returns CNAME , A, and AAAA record information, and not as a script-usable object.

PowerShell

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

C:\Users\aaron>nslookup www.microsoft.com8.8.8.8

Server:google-public-dns-a.google.com

Address:8.8.8.8

Non-authoritativeanswer:

Name:e10088.dspb.akamaiedge.net

Addresses:2600:1407:9:28c::2768

2600:1407:9:295::2768

23.72.44.137

Aliases:www.microsoft.com

www.microsoft.com-c.edgekey.net

www.microsoft.com-c.edgekey.net.globalredir.akadns.net

Use Resolve-DnsName for more control over DNS lookups

Using the Resolve-DnsName cmdlet, you can specify much more than just a hostname and DNS server. In its simplest form, you can run Resolve-DnsName hostname to perform a quick lookup against your computer’s configured DNS server.

PowerShell

1

2

3

4

5

6

7

8

PSC:\Users\aaron>Resolve-DnsNamethinkpowershell.com

Name TypeTTL Section IPAddress

---------------------------

thinkpowershell.comA5284Answer173.236.158.197

You might be thinking,”that cmdlet name is more to type than nslookup”, but in reality it is 4 characters (“reso”) + TAB for it to autocomplete, so it is actually LESS typing.

The -Server parameter lets you specify the DNS server to which to send your query. Here we send it to Google DNS.

PowerShell

1

2

3

4

5

6

7

8

PSC:\Users\aaron>Resolve-DnsNamethinkpowershell.com-Server8.8.8.8

Name TypeTTL Section IPAddress

---------------------------

thinkpowershell.comA5284Answer173.236.158.197

The Resolve-DnsName cmdlet has some additional parameters which make it more precise than nslookup. By default, your DNS Client service will try to resolve a hostname in the following order:

If you are attempting to troubleshoot a hostname’s resolution, you may want more control over the name resolution logic than nslookup can give, because nslookup will immediately skip to step 3, query DNS server.

Local HOSTS File

For example, let’s say you have a HOSTS file entry for twitter.com to resolve to 10.10.10.10 and you want to make sure your computer is using the HOSTS file entry. If I run nslookup with the domain name, it queries my DNS server and returns the public IP for twitter.com:

PowerShell

1

2

3

4

5

6

7

8

9

10

11

12

13

C:\Users\aaron>nslookup twitter.com

Server:shs1fw1

Address:10.1.10.1

Non-authoritativeanswer:

Name:twitter.com

Addresses:199.59.149.198

199.59.148.82

199.59.148.10

199.59.150.7

In contrast, if I run Resolve-DnsName with no additional parameters, it correctly returns the resolved address from the HOSTS file, even if I were to specify a DNS server with the -Server parameter.

PowerShell

1

2

3

4

5

6

7

8

PSC:\Users\aaron>Resolve-DnsNametwitter.com

Name TypeTTL Section IPAddress

---------------------------

twitter.comA86400Answer10.10.10.10

Now let’s say I want to exclude HOSTS file resolution from my troubleshooting. I can use the -NoHostsFile parameter switch and it will skip step 1 in the resolution process.

PowerShell

1

2

3

4

5

6

7

8

9

10

11

PSC:\Users\aaron>Resolve-DnsNametwitter.com-NoHostsFile

Name TypeTTL Section IPAddress

---------------------------

twitter.comA20Answer199.59.148.10

twitter.comA20Answer199.59.150.7

twitter.comA20Answer199.59.150.39

twitter.comA20Answer199.59.149.230

DNS Client Resolver Cache and DNS Server query

Let’s take another example where you think your cached DNS entry for a server may be incorrect or non-existent. With Resolve-DnsName, you can use the –CacheOnly switch parameter to only resolve against step 1 and 2 (use it in conjunction with -NoHostsFile to only resolve against step 2). I’m using a website I haven’t attempted to go to in a long while. You can see that there is no entry currently in the cache, and I get an error.

If I run Resolve-DnsName -DnsOnly, it will skip to step 3 and query the DNS server. I can then run it again with the -CacheOnly switch parameter and we see the entry is in the cache now.

PowerShell

1

2

3

4

5

6

7

8

9

10

11

12

13

14

PSC:\Users\aaron>Resolve-DnsNamemyspace.com-DnsOnly

Name TypeTTL Section IPAddress

---------------------------

myspace.comA4257Answer63.135.90.70

PSC:\Users\aaron>Resolve-DnsNamemyspace.com-CacheOnly

Name TypeTTL Section IPAddress

---------------------------

myspace.comA4232Answer63.135.90.70

Resolve different types of DNS records

Another big advantage of Resolve-DnsName is it can look up ANY type of DNS record, not just CNAME, A, or AAAA records. You use the -Type parameter with a value matching one of many common DNS record types.

For example, you want to see the Mail Exchange (MX) records for a domain:

Or finally, you want to validate a mail server that is sending mail to you on Microsoft’s behalf by looking up microsoft.com’s Sender Policy Framework (SPF) record, which is done with a TXT record:

PowerShell

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

PSC:\Users\aaron>Resolve-DnsNamemicrosoft.com-TypeTXT

Name TypeTTL Section Strings

-------------------------

microsoft.com TXT1284Answer{v=spf1 include:_spf-a.microsoft.com

include:_spf-b.microsoft.com

include:_spf-c.microsoft.com

include:_spf-ssg-a.microsoft.com

include:spf-a.hotmail.com

ip4:147.243.128.24ip4:147.243.128.26

ip4:147.243.1.153ip4:147.243.1.47

ip4:147.243.1.48-all}

Return or pipe results as an object for other uses

The last major advantage Resolve-DnsName has over nslookup is the ease in which you can use the results of your queries. Resolve-DnsName returns a dynamic object based on the parameters used. This object’s properties can be accessed like any other PowerShell object. You can either pipe the output directly to another command (in this case Get-Member to show the TypeName and properties), or you can assign to a variable (shown below). Extremely useful for interactive sessions and scripting!

Next steps

Now that you are sold on using Resolve-DnsName over nslookup, here are some things to try:

Run Clear-DnsClientCache and then run Resolve-DnsName hostname -CacheOnly, where hostname is any server or website of your choice. Verify there are no entries found in your cache.

Run Resolve-DnsNamehostname again. Then run Resolve-DnsName hostname -CacheOnly to confirm there is now an entry in the cache.

Use the -Type parameter and some of the different DNS record types (see the TechNet article in the Reference section below for a full list) to examine the DNS records for your own organization’s domain. Check out things like the MX records and TXT records.

Comments

Hi, If I want to use Resolve-DnsName cmdlet on powershell, it shows message that “The term ‘Resolve-DnsName’ is not recognized as the name of a cmdlet, function , script file, or , so as to use this, which module do I load?